Novell Open Enterprise Server 11 SP3 User guide

Brand: Novell

Model: Open Enterprise Server 11 SP3

Category: Servers

Type: User guide

www.novell.com/documentation

Deployment Guide

iFolder 3.9.2

August 2015

Legal Notices

Novell, Inc., makes no representations or warranties with respect to the contents or use of this documentation, and specifically

disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc.,

reserves the right to revise this publication and to make changes to its content, at any time, without obligation to notify any

person or entity of such revisions or changes.

Further, Novell, Inc., makes no representations or warranties with respect to any software, and specifically disclaims any

express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc., reserves the right to

make changes to any and all parts of Novell software, at any time, without any obligation to notify any person or entity of such

changes.

Any products or technical information provided under this Agreement may be subject to U.S. export controls and the trade

laws of other countries. You agree to comply with all export control regulations and to obtain any required licenses or

classification to export, re-export or import deliverables. You agree not to export or re-export to entities on the current U.S.

export exclusion lists or to any embargoed or terrorist countries as specified in the U.S. export laws. You agree to not use

deliverables for prohibited nuclear, missile, or chemical biological weaponry end uses. See the Novell International Trade

Services Web page (http://www.novell.com/info/exports/) for more information on exporting Novell software. Novell assumes

no responsibility for your failure to obtain any necessary export approvals.

a retrieval system, or transmitted without the express written consent of the publisher.

Novell, Inc.

1800 South Novell Place

Provo, UT 84606

U.S.A.

www.novell.com

Online Documentation: To access the latest online documentation for this and other Novell products, see the Novell

Documentation Web page (http://www.novell.com/documentation).

Novell Trademarks

For Novell trademarks, see the Novell Trademark and Service Mark list (http://www.novell.com/company/legal/trademarks/

tmlist.html).

Third-Party Materials

All third-party trademarks are the property of their respective owners.

Contents 3

Contents

About This Guide 7

1 Understanding iFolder Deployment 9

1.1 Before You Deploy iFolder . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9

1.1.1 Hardware and Software Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9

1.1.2 Security Considerations. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10

1.1.3 Additional Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10

1.1.4 Encryption and Key Recovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10

1.2 Using a Deployment Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

2 Single-Server Deployment 13

2.1 Key Benefits. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .14

2.2 LDAP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .14

2.3 Scalability Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .14

2.4 Deployment Scenarios. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .14

2.4.1 User Data Backup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

2.4.2 Document Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15

3 Multi-Server (Master-Slave) Deployment 17

3.1 Key Benefits. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .18

3.2 LDAP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .18

3.3 Scalability Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .18

3.4 Deployment Scenarios. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .19

3.4.1 Load Balancing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .19

3.4.2 Data Synchronization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .19

4 Multi-Server (Master-Master) Deployment 21

4.1 Key Benefits. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22

4.2 LDAP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22

4.3 Scalability Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22

4.4 Deployment Scenarios. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23

4.4.1 Functional Grouping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23

4.4.2 Specialized Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23

5 Master-Slave Deployment for a High Web Access Load 25

5.1 Key Benefits. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .26

5.2 LDAP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .26

5.3 Scalability Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .26

5.4 Deployment Scenarios. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .27

5.4.1 Web Access. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .27

5.4.2 Online Application Submission . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .27

6 Single-Server Cluster Deployment 29

6.1 Planning. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .30

4 Novell iFolder 3.9.2 Deployment Guide

6.1.1 iFolder Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30

6.2 Key Benefits. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .30

6.3 LDAP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .30

6.4 Scalability Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .30

6.5 Deployment Scenarios. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .30

6.5.1 Document Collaboration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .31

7 Multi-Server Master-Slave Deployment in a Cluster 33

7.1 Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34

7.1.1 iFolder Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34

7.1.2 Web Admin Server Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .34

7.1.3 Web Access Server Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .34

7.2 Key Benefits. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .34

7.3 LDAP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .34

7.4 Scalability Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .35

7.5 Deployment Scenarios. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .35

7.5.1 Business Services with High Volatility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .35

8 Using an iFolder Master Server as a Load Balancer 37

8.1 Key Benefits. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .38

8.2 LDAP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .38

8.3 Scalability Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .38

8.4 Deployment Scenarios. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .38

8.4.1 Information Management. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .39

8.4.2 Load Balancing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .39

9 Using Fibre Channel to Deploy iFolder in a Storage Area Network 41

9.1 iFolder Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .42

9.2 Web Admin and Web Access Server Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .42

9.3 Planning. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .42

9.4 Key Benefits. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .42

9.5 Scalability Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .42

9.6 Deployment Scenarios. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .43

9.6.1 Case 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .43

9.6.2 Case 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .43

10 Using Xen to Deploy iFolder as a Virtual Service 45

10.1 Key Benefits. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .45

10.2 LDAP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .46

10.3 Deployment Scenarios. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .46

11 NAT-Based Configuration 49

11.1 Planning. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .49

11.2 Key Benefits. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .49

11.3 Scalability Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49

11.4 Deployment Scenarios. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .49

12 Using Router Port Forwarding and Mod Proxy 51

12.1 Port Forwarding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .51

Contents 5

12.2 Mod Proxy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .52

12.3 Port Forwarding and Mod Proxy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .53

12.4 Key Benefits. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .53

12.5 Scalability Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53

12.6 Deployment Scenarios. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .54

13 Deploying iFolder behind Access Manager or iChain 55

13.1 Key Benefits. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .56

13.2 Scalability Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56

13.3 Additional Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .56

13.4 Deployment Scenarios. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .56

14 Deploying the My Documents Folder as an iFolder 59

14.1 Environments. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .59

14.1.1 Trusted . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .59

14.1.2 Untrusted (User Network Alone) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .59

14.1.3 Untrusted. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .59

14.2 Server Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .59

14.2.1 General . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .60

14.2.2 Single Server and Multi-Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .60

14.2.3 Novell iFolder Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .60

14.2.4 Novell Web Admin Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .61

14.2.5 Web Access Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .62

14.2.6 Converting the My Documents Folder to an iFolder . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .62

14.3 Key Benefits. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .62

14.4 Scalability Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62

6 Novell iFolder 3.9.2 Deployment Guide

About This Guide 7

About This Guide

Novell iFolder is designed with the basic principle of scalability to support organizational

modifications. The Novell iFolder 3.9.x Deployment Guide describes how to successfully deploy the

following iFolder components in your production environment:

 iFolder Enterprise Server

 iFolder Web Access Server

 iFolder Web Admin Server

 iFolder Client

The cases considered in this guide are not exhaustive. They are intended to be examples that can be

mapped to your organizational functions.

 Chapter 1, “Understanding iFolder Deployment,” on page 9

 Chapter 2, “Single-Server Deployment,” on page 13

 Chapter 3, “Multi-Server (Master-Slave) Deployment,” on page 17

 Chapter 4, “Multi-Server (Master-Master) Deployment,” on page 21

 Chapter 5, “Master-Slave Deployment for a High Web Access Load,” on page 25

 Chapter 6, “Single-Server Cluster Deployment,” on page 29

 Chapter 7, “Multi-Server Master-Slave Deployment in a Cluster,” on page 33

 Chapter 8, “Using an iFolder Master Server as a Load Balancer,” on page 37

 Chapter 9, “Using Fibre Channel to Deploy iFolder in a Storage Area Network,” on page 41

 Chapter 10, “Using Xen to Deploy iFolder as a Virtual Service,” on page 45

 Chapter 11, “NAT-Based Configuration,” on page 49

 Chapter 12, “Using Router Port Forwarding and Mod Proxy,” on page 51

 Chapter 13, “Deploying iFolder behind Access Manager or iChain,” on page 55

 Chapter 14, “Deploying the My Documents Folder as an iFolder,” on page 59

Audience

This guide is intended for iFolder administrators.

Feedback

We want to hear your comments and suggestions about this manual and the other documentation

included with this product. Please use the User Comments feature at the bottom of each page of the

online documentation.

Documentation Updates

For the most recent version of the Novell iFolder 3.9.x Deployment Guide, visit the Novell iFolder 3.x

Documentation.

8 Novell iFolder 3.9.2 Deployment Guide

Additional Documentation

For documentation, see the following:

 Novell iFolder 3.x documentation

 Novell Open Enterprise Server documentation

 Novell eDirectory 8.8.x documentation

 Novell iManager 2.7.x documentation

 Novell Technical Support

Understanding iFolder Deployment 9

Understanding iFolder Deployment

Administration overhead and handling user support calls are major tasks in the Information and

Service department of any organization. Deploying a service without proper understanding of the

current requirements, the quality of the service, and the projected organizational growth can cause

unexpected demands on the system that lead to extra costs to manage the service.

This guide helps you understand the various scenarios in which the Novell iFolder service can be

deployed, based on requirements and future expansion plans. It addresses various iFolder

deployment scenarios and use cases ranging from simple to complex, targeting small, medium, and

enterprise users. You can also request assistance from Novell support personnel to help you

implement these deployment scenarios.

 Section 1.1, “Before You Deploy iFolder,” on page 9

 Section 1.2, “Using a Deployment Manager,” on page 11

1.1

Before You Deploy iFolder

Before you install Novell iFolder, you must plan the setup that is suitable for your enterprise. You

should organize the deployment based on your current requirements, the quality of service required,

and the projected needs for future growth.

Before you deploy iFolder, consider the following:

 Section 1.1.1, “Hardware and Software Requirements,” on page 9

 Section 1.1.2, “Security Considerations,” on page 10

 Section 1.1.3, “Additional Documentation,” on page 10

 Section 1.1.4, “Encryption and Key Recovery,” on page 10

1.1.1

Hardware and Software Requirements

 “Server Hardware Requirements” on page 9

 “Server Software Requirements” on page 10

 “Client Requirements” on page 10

Server Hardware Requirements

A Novell iFolder server has the following hardware requirements:

 A server class machine for Open Enterprise Server 2015

 A minimum of 2 GB RAM

 200 GB dedicated storage (200 MB storage per user for 1000 users)

 Minimum 100 Mbps dedicated NIC

10 Novell iFolder 3.9.2 Deployment Guide

Server Software Requirements

A Novell iFolder server has the following software requirements:

 Apache* configured in work mode

 Apache configured for traditional NIC

Client Requirements

The Novell iFolder client supports the following workstation operating systems:

 SUSE Linux Enterprise Desktop (SLED) 10 SP3

 SUSE Linux Enterprise Desktop (SLED) 11 SP1 64-bit

 openSUSE 11.4

NOTE: The iFolder Linux client requires the Mono framework for Linux and a GNOME desktop

for iFolder Nautilus plug-in support.

 Windows XP SP3 32-bit

 Windows Vista SP1

 Windows 7

 Macintosh OS X 32-bit (Intel architecture) v10.5 and later (requires Mono 2.4.2.3). PowerPc

architecture is not supported.

1.1.2

Security Considerations

Based on your security requirements, you can create an encrypted iFolder or a normal iFolder. The

communication between the iFolder server, clients, Web Admin server, and Web Access server can

be set to non-SSL or SSL (secure) or both.

1.1.3

Additional Documentation

For more information, see the following:

 iFolder 3.9.2 Administration Guide

 “Planning iFolder Services”

 “Prerequisites and Guidelines”

 iFolder 3.9.2 Cross-Platform User Guide

 “Getting Started”

 Novell iFolder 3.9.2 Security Administration Guide

1.1.4

Encryption and Key Recovery

For detailed information on encryption and key recovery, refer to the following guides:

 iFolder 3.9.2 Cross-Platform User Guide

 “Encryption”

Understanding iFolder Deployment 11

 “Encryption Policy Settings”

 “Managing Passphrase for Encrypted iFolders”

 iFolder 3.9.2 Security Administration Guide

 “Creating an Encrypted iFolder”

 “Creating Strong Password And Passphrase”

 “Using the Recovery Agent”

 “Transferring the Encryption Key”

1.2

Using a Deployment Manager

Novell iFolder supports auto-account creation through an XML-based response file. You can use any

deployment manager, such as Novell ZENworks, to distribute the response file along with the client to

the user machines. After the client is installed, the client startup auto-creates an account when the

response file is detected. This is beneficial for large deployments. It also saves time for users and

avoids support calls because of account creation errors.

12 Novell iFolder 3.9.2 Deployment Guide

Single-Server Deployment 13

Single-Server Deployment

A single-server setup consists of a single server with up to one thousand clients simultaneously

connected to it. In such a setup, the iFolder server and the database are located on a single Open

Enterprise Server (OES) server, and the client workstations are connected to it. This scenario is

illustrated in the following figure.

Figure 2-1 Single Server

In a single-server setup, all three iFolder components are installed and configured on the same

server. Authentication of users is always LDAP-based. This means that all the users trying to log in

and access iFolder data are authenticated with the LDAP server first and then allowed to access

iFolder data. All client-to-server communication and communication between server components is

done via HTTPS. In this setup, a single server hosts the iFolder server, iFolder Web Access services,

and iFolder Web Admin services. Load balancing cannot be performed in this setup and heavy Web

Access usage is also not recommended.

The following sections describe the deployment of a single server setup in your environment.

 Section 2.1, “Key Benefits,” on page 14

 Section 2.2, “LDAP Configuration,” on page 14

 Section 2.3, “Scalability Parameters,” on page 14

 Section 2.4, “Deployment Scenarios,” on page 14

Simple Server

HTTP

100 Mbps

iFolder server

Public URL = 10.1.1.1

Private URL = 10.1.1.1

Server IP = 10.1.1.1

Client connects

To Public URL

Linux

SLED 10 SP1

or greater

Macintosh

OSX v10.4

or greater

Windows

XP/Vista

Browser

Web Access

/ iFolder

Browser

Web Admin

/ admin

eDirectory

o=ifadmin, o=novell,

url=ifproxy, o=novell

14 Novell iFolder 3.9.2 Deployment Guide

2.1

Key Benefits

The key benefits of a single-server setup are as follows:

 A single-server setup is easy to maintain because operations such as updating patches,

upgrading the server, taking a backup, and restoring a backup are limited to a single server.

 Sharing iFolders is faster in a single-server setup as opposed to a multi-server environment. This

is because in a single-server setup, users are provisioned to a single server, but in a multi-server

environment users are provisioned across multiple servers.

 A single-server setup is beneficial for small setups of 500 to 1000 users. In such a scenario,

where all users are provisioned on the same server, the response time is guaranteed. For

example, if a server has a dedicated network interface card (NIC) with a minimum of 1 Gbps

capacity and each client has a NIC with a minimum capacity of 100 Mbps. With this

configuration, a user can upload or download a 1 GB file in less than 5 minutes.

2.2

LDAP Configuration

The LDAP configuration information for a single-server setup is as follows:

 eDirectory, OpenLDAP*, and Active Directory* directory servers are supported.

 Ensure that all users are a part of either a container or a static/dynamic group on the LDAP

directory server. During iFolder installation, you must use the same container or group DNs to

configure the Search context field.

 iFolder supports both secure and non-secure communication with the directory server. You can

choose any communication channel that fits your requirements. Ensure that the directory server

is listening on standard LDAP ports for secure and non-secure channels.

2.3

Scalability Parameters

The scalability parameters for a single-server deployment are as follows:

 A single-server setup is ideal for small setups of 500 to 1000 users.

 Clients must have a dedicated network interface card (NIC) of 100 Mbps capacity.

 Web-based access must be low, and thick client access must be moderate with up to 500 active

connections.

 Data transfer (synchronization of user data) rate must be 10 MB per hour per client.

 The synchronization interval must be 10 minutes.

2.4

Deployment Scenarios

The following sections describe the deployment scenarios in a single-sever setup:

 Section 2.4.1, “User Data Backup,” on page 15

 Section 2.4.2, “Document Management,” on page 15

Single-Server Deployment 15

2.4.1

User Data Backup

Consider a scenario where an organization wants a set of 500 users to be able to back up their

desktop data at regular intervals. The organization provides a dedicated LAN link to ensure that 500

users can synchronize the data at the rate of 10 MB per hour. A single-server setup is ideal in such a

scenario. Before you use a single-server setup for this scenario, you must consider the following

policies:

 “Limiting the Number of iFolders Per User” on page 15

 “Disabling Sharing” on page 15

 “Setting a Disk Quota” on page 15

Limiting the Number of iFolders Per User

In order to maintain the server load at an optimal level, you must limit the number of iFolders that a

user can create. Use the Web Admin console to limit the number of iFolders per user in a given

iFolder system. You can set this policy at user and system levels. The recommended limit of iFolders

per user is 5.

Disabling Sharing

To enable an effective backup and to avoid user data collision, you must disable iFolder sharing. If

necessary, you can enable sharing with read-only access. This is useful to maintain the 10 MB per

hour data transfer rate at 500 simultaneous connections.

Setting a Disk Quota

The disk quota limit is based on the server capacity. The recommended limit is 4 GB per user. This

requirement can be a floating value, so that an average of 4 GB per user is achieved. This means that

default settings are used to achieve the requirement.

2.4.2

Document Management

This deployment scenario illustrates the iFolder ability to synchronize documents across various

levels in an enterprise. Consider a scenario where a customer in a bank initiates a loan request

process by submitting an application form to a bank clerk. As a part of the loan request process, the

application form is sent to an official at a higher level for approval.

In this scenario, you can create three iFolders named Submission, Level 1, and Level 2 for the initial

submission and for the next levels of approvals. The first two iFolders, Submission and Level 1, can

be shared between the clerk and the manager. The Level 2 iFolder can be shared between the

manager and the senior manager and made inaccessible to the clerk.

After the initial verification, the clerk can move the loan application form stored in the Submission

iFolder to the Level 1 iFolder. The manager accesses the verified loan application form from the Level

1 iFolder for further verification and approval. If the loan request is verified and approved, the

manager moves the application form to the Level 2 iFolder for the senior manager’s approval.

The various levels of access allow you to use a single-server setup to easily manage the flow of

documents in an enterprise.

16 Novell iFolder 3.9.2 Deployment Guide

Multi-Server (Master-Slave) Deployment 17

Multi-Server (Master-Slave) Deployment

A multi-server setup consists of multiple servers, which can each have more than a thousand

simultaneous connections at any point of time. Multi-server configurations are of two types, master-

master and master-slave. This section discusses the master-slave setup, and the master-master

setup is discussed in Chapter 4, “Multi-Server (Master-Master) Deployment,” on page 21.

Multi-server configurations are beneficial for organizations that are expanding their employee

strength. This type of setup is also useful for organizations that have their workforce spread across

the globe with multiple branches across countries and continents. You can use a multi-server

deployment to synchronize and share data across the globe with a predictable response time.

You can convert a single-server system to a multi-server system by connecting an additional server to

the main server and creating a master-slave configuration. A multi-server (master-slave) setup is

illustrated in the following figure.

Figure 3-1 Master-Slave

In this setup, the iFolder server and the iFolder database are located on Open Enterprise Server

(OES) servers with client workstations connected to the iFolder server. The iFolder master and slave

servers are connected to each other to exchange metadata information. The Web Access and Web

Admin consoles of the master server are accessed through a browser. User authentication is done

through the eDirectory secure LDAP protocol and all the server-to-server and client-to-server

communication is done via HTTPS.

The following sections describe a multi-server (master-slave) iFolder setup:

 Section 3.1, “Key Benefits,” on page 18

 Section 3.2, “LDAP Configuration,” on page 18

 Section 3.3, “Scalability Parameters,” on page 18

 Section 3.4, “Deployment Scenarios,” on page 19

18 Novell iFolder 3.9.2 Deployment Guide

3.1

Key Benefits

The key benefits of a multi-server (master-slave) setup are as follows:

 Supports a secure communication channel (SSL) to secure the data exchanged on the wire and

secures iFolder data stored on the server with the Novell patented encryption and recovery

mechanism.

 Ensures scalability with no theoretical limit on the number of servers participating. In addition,

each server can have multiple data volumes configured with any limit.

 Guarantees response time because the number of users that are provisioned per server is

limited to 1000, so that each user can have a predictable response from the server if the server

has a dedicated network interface card (NIC) with a minimum of 1 Gbps capacity and each client

has at least a 100 Mbps NIC. With this configuration, the user can upload or download a 1 GB

file in less than 5 minutes, which is almost 4 MB per second.

 Enables users across different geographical locations to share data in a secure manner.

 Enables Novell iFolder servers across different geographical locations to be integrated with

Business Continuity Clusters (BCC) for data replication and high availability.

3.2

LDAP Configuration

The LDAP configuration information for a multi-server (master-slave) setup is as follows:

 eDirectory, OpenLDAP, and Active Directory directory servers are supported.

 The LDAP Search Context option must be set to an appropriate value for both master and slave

in order to optimize LDAP sync time on both servers. The Master LDAP search context specified

must either be a superset of all the slave search contexts or a combined list of all slave search

contexts as shown in the examples given below:

 Master context

o=org

, Slave1 context

ou=ku,o=org,

Slave2 context

ou=dl,o=org

 Master context

ou=ku,o=org##ou=dl,o=org

, Slave1 context

ou=ku,o=org

, Slave2 context

ou=dl,o=org

 Ensure that each iFolder server has its own eDirectory replicas so that the authentication

happens locally instead of walking the eDirectory tree.

 iFolder supports both secure and non-secure communication with the directory server. You can

choose any communication channel that you need. Ensure that the directory server is listening

on standard LDAP ports for secure and non-secure channels.

3.3

Scalability Parameters

The scalability parameters for a multi-server (master-slave) deployment are as follows:

 The multi-server (master-slave) deployment is scalable to 1000 users.

If an exclusive Web Access server is not deployed, the Web Access users are also considered in

this scalable parameter. An independent Web Access server can handle 1000 users at any given

point in time. If there are more than 1000 Web users connecting at any given point in time,

consider the deployment scenario in Chapter 5, “Master-Slave Deployment for a High Web

Access Load,” on page 25.

 The Enterprise iFolder server must have Web Admin and Web Access capability.

Multi-Server (Master-Slave) Deployment 19

 Web Access usage must be minimal to ensure guaranteed response time.

 Clients must have a dedicated NIC of at least 100 Mbps.

 Web-based access must be low, and thick client access must be moderate with 500 active

connections.

 The data transfer (synchronization of user data) rate must be at least 10 MB per hour per client.

 Both SSL and non-SSL communication is supported.

 The synchronization interval must be no more than 10 minutes.

 If the master and slave iFolder servers are in two different geographical locations, individual Web

Access servers are beneficial to improve the response time.

3.4

Deployment Scenarios

The following sections discuss the deployment cases in a multi-sever setup. These deployment

cases indicate how a multi-server (master-slave) setup can be used for load balancing and data

synchronization in an organization where the employee storage requirement is growing in terms of

size and frequency of access. In a situation where an organization’s employee storage requirement is

increasing, an organization needs a reliable response time for users. Also, data synchronization in

such a situation needs strict time constraints.

 Section 3.4.1, “Load Balancing,” on page 19

 Section 3.4.2, “Data Synchronization,” on page 19

3.4.1

Load Balancing

Consider the case of a global manufacturing firm that requires its component plans and drawings to

be saved in a secure place. The workforce involved in the manufacturing division of the organization

needs this confidential information to be accessed, updated, added, or shared with peers in other

departments for various actions to be taken, such as approval of plans.

In this case, you can deploy Novell iFolder in a multi-server setup so that the manufacturing divisions

can share the plans and other documents in a secure manner. Because the number of units

manufactured might be time-sensitive and limited, the plans and drawings must reach the respective

divisions on time, and the operators must be able to retrieve, update, and synchronize them within the

required response time. A multi-server configuration is very useful in managing this kind of load in a

timely manner.

3.4.2

Data Synchronization

Consider an example where a company is organizing an event to showcase its products on the same

day in different geographical locations. Representatives of the company are at the different locations

for the event with their presentations, spreadsheets, and Flash* videos. The presentation material

needs to be replicated across different locations. Because the presentation material might need last-

minute changes, it needs to be synchronized in real time. In such a scenario, an iFolder multi-server

(master-slave) deployment can offer real-time data synchronization capabilities.

20 Novell iFolder 3.9.2 Deployment Guide

Page is loading ...

Novell Open Enterprise Server 11 SP3 User guide

Brand: Novell

Model: Open Enterprise Server 11 SP3

Category: Servers

Type: User guide

Download PDF

report

Novell Open Enterprise Server 11 SP3 User guide

Novell Open Enterprise Server 11 SP3 User guide

Related papers

Other documents